Details
-
Bug
-
Status: Open
-
Resolution: Unresolved
-
1.7
-
None
-
None
-
Operating System: All
Platform: All
Description
Hello, Batik Developers!
I work as a Systems Engineer for Parasoft, and we regularly test our Automated Error Prevention products on open source projects. We just finished running our flagship product, Jtest, on some projects and I chose to have a look at Apache Batik. This exercise already helped us to find some false positives in our analysis, but I thought I'd share the results with the developer community as well. That way everybody benefits. My initial run using Parasoft's Recommended Rules produced over 6000 warnings, but since nobody would look at such a large amount of warnings I boiled it down to a configuration that included only the 10 most essential analysis rules and produced 66 warnings.
I have attached the report that was produced by Jtest. While it is possible that all the detected bugs are effectively inconsequential the report points to a number of problems where code clearly does not do what it is supposed to do. So, I definitely suggest that somebody familiar with the code base have a look at it.
The report is based on the sources for Batik 1.7, so some of the line numbers might have shifted in the meantime. Please let us know if this analysis proved valuable for you or if you found any false positives or have other related feedback!